CVE-2022-3273: Weak Encryption
First published: Thu Oct 06 2022(Updated: )
Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0a4.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ikus-soft Rdiffweb | <=2.4.10 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha1 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha2 | |
| Ikus-soft Rdiffweb | =2.5.0-alpha3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-3273?
CVE-2022-3273 is a vulnerability that allows the allocation of resources without limits or throttling in the GitHub repository ikus060/rdiffweb prior to version 2.5.0a4.
How severe is CVE-2022-3273?
CVE-2022-3273 has a severity value of 9.8 (critical).
Which software versions are affected by CVE-2022-3273?
CVE-2022-3273 affects versions up to and including 2.4.10, 2.5.0-alpha1, 2.5.0-alpha2, and 2.5.0-alpha3 of Ikus-soft Rdiffweb.
How can I fix CVE-2022-3273?
To fix CVE-2022-3273, update your Ikus-soft Rdiffweb installation to version 2.5.0a4 or later.
More information on CVE-2022-3273?
For more information on CVE-2022-3273, you can refer to the following references: [GitHub Commit](https://github.com/ikus060/rdiffweb/commit/b5e3bb0a98268d18ceead36ab9b2b7eaacd659a8) and [Huntr Bounty](https://huntr.dev/bounties/a6df4bad-3382-4add-8918-760d885690f6).
- collector/nvd-index
- agent/author
- agent/type
- vendor/ikus-soft
- canonical/ikus-soft rdiffweb
- version/ikus-soft rdiffweb/2.4.10
- version/ikus-soft rdiffweb/2.5.0-alpha1
- version/ikus-soft rdiffweb/2.5.0-alpha2
- version/ikus-soft rdiffweb/2.5.0-alpha3